Cybersecurity Privacy and Network Security and Risk Mitigation

Similar documents
Largest Risk for Public Pension Plans (Other Than Funding) Cybersecurity

Designing Privacy Policies and Identifying Privacy Risks for Financial Institutions. June 2016

Cyber breaches: are you prepared?

CYBER LIABILITY REINSURANCE SOLUTIONS

PRIVACY AND CYBER SECURITY

CYBER LIABILITY INSURANCE OVERVIEW FOR. Prepared by: Evan Taylor NFP

NZI LIABILITY CYBER. Are you protected?

Cyber Insurance for Lawyers

Protecting Against the High Cost of Cyberfraud

Cyber Risks & Insurance

Cyber Liability: New Exposures

JAMES GRAY SPECIAL GUEST 6/7/2017. Underwriter, London UK Specialty Treaty Beazley Group

HOW TO INSURE CYBER RISKS? Oulu Industry Summit

Cyber-Insurance: Fraud, Waste or Abuse?

Cyber Liability A New Must Have Coverage for Your Soccer Organization

Evaluating Your Company s Data Protection & Recovery Plan

Cyber Liability Insurance. Data Security, Privacy and Multimedia Protection

You ve been hacked. Riekie Gordon & Roger Truebody & Alexandra Schudel. Actuarial Society 2017 Convention October 2017

STEPPING INTO THE A GUIDE TO CYBER AND DATA INSURANCE BREACH

Cybersecurity Threats: What Retirement Plan Sponsors and Fiduciaries Need to Know and Do

A GUIDE TO CYBER RISKS COVER

Cyberinsurance: Necessary, Expensive and Confusing as Hell. Presenters: Sharon Nelson and Judy Selby

Privacy and Data Breach Protection Modular application form

The Wild West Meets the Future: Key Tips for Maximizing Your Cyber and Privacy Insurance Coverage

Cyber, Data Risk and Media Insurance Application form

ChicagoLand RIMS Cyber Insurance Coverage Pitfalls and How to Avoid Them

Cyber Security Liability:

Paul Jones, Jones & Co. Kathleen Rice, Faegre Baker Daniels, LLP

DEBUNKING MYTHS FOR CYBER INSURANCE

Add our expertise to yours Protection from the consequences of cyber risks

Cyber & Privacy Liability and Technology E&0


IS YOUR CYBER LIABILITY INSURANCE ANY GOOD? A GUIDE FOR BANKS TO EVALUATE THEIR CYBER LIABILITY INSURANCE COVERAGE

2018 Cyber & Tech Liability Risk Transfer Update Part 2

Cyber ERM Proposal Form

Cyber Enhancement Endorsement

Data Breach Program Pricing Companies with revenues less than $1,000,000

Session will advise advisers on marketing their services as a 3(38) fiduciary including legal and insurance considerations.

PAI Secure Program Guide

May 12, Due Diligence Request. To Whom It May Concern:

Cyber Risks & Cyber Insurance

CYBER ATTACKS AFFECTING FINANCIAL INSTITUTIONS GUS SPRINGMANN, AON PAVEL STERNBERG, BEAZLEY

LIABILITY INTERRUPTION OF ACTIVITIES CYBER CRIMINALITY OWN DAMAGE AND COSTS OPTION: LEGAL ASSISTANCE

Cybersecurity Curveballs in Vendor Risk Management Programs

Cyber Risk Proposal Form

INFORMATION AND CYBER SECURITY POLICY V1.1

Financial Industry Developments

Your defence toolkit. How to combat the cyber threat

Cyber Liability Launch Event Moscow

An Overview of Cyber Insurance at AIG

Vaco Cyber Security Panel

Sara Robben, Statistical Advisor National Association of Insurance Commissioners

HIPAA vs. GDPR vs. NYDFS - the New Compliance Frontier. March 22, 2018

CYBER AND INFORMATION SECURITY COVERAGE APPLICATION

Insuring your online world, even when you re offline. Masterpiece Cyber Protection

STEPPING INTO THE BREACH A GUIDE TO CYBER AND DATA INSURANCE

This article has been published in PLI Current: The Journal of PLI Press, Vol. 2, No. 2, Spring 2018 ( 2018 Practising Law Institute),

Cyber Insurance I don t think it means what you think it means

Cyber Risk & Insurance

APPLICATION FOR DATA BREACH AND PRIVACY LIABILITY, DATA BREACH LOSS TO INSURED AND ELECTRONIC MEDIA LIABILITY INSURANCE

APPLICATION for: TechGuard Liability Insurance Claims Made Basis. Underwritten by Underwriters at Lloyd s, London

At the Heart of Cyber Risk Mitigation

MEDIATECH INSURANCE APPLICATION THIS APPLICATION IS FOR A CLAIMS MADE POLICY PLEASE INDICATE WHICH COVERAGES ARE REQUIRED Technology and Professional

Surprisingly, only 40 percent of small and medium-sized enterprises (SMEs) believe their

Cyber Liability Insurance for Sports Organizations

Cyber Risk Management

SENIOR CARE CYBER-LIABILITY, CRISIS MANAGEMENT AND REPUTATIONAL HARM SUPPLEMENTAL APPLICATION

SECURITY SAFEGUARD BREACH GUIDE

Visa s Approach to Card Fraud and Identity Theft

Data Breach Financial Protection Program Terms and Conditions

FREQUENTLY ASKED QUESTIONS REGARDING 23 NYCRR PART 500

Cyber Risk Mitigation

DELHAIZE AMERICA PHARMACIES AND WELFARE BENEFIT PLAN HIPAA SECURITY POLICY (9/1/2016 VERSION)

Cyber Risk Insurance. Frequently Asked Questions

NEW CYBER RULES FOR NEW YORK-BASED BANKING, INSURANCE AND FINANCIAL SERVICE FIRMS HAVE FAR-REACHING EFFECTS

HIPAA PRIVACY AND SECURITY AWARENESS

Insurance Requirement Provisions in Technology Contracts: Mitigating Risk, Maximizing Coverage

March 1. HIPAA Privacy Policy

Combined Liability Insurance for Financial Technology Companies Proposal Form

THE GENERAL DATA PROTECTION REGULATION

Critical Issues in Cybersecurity:

The Internet of Everything: Building Cyber Resilience in a Connected World

Allianz Global Corporate & Specialty Pacific. Allianz Cyber Protect Premium

Technology E&O, Cyber and Privacy Insurance

Claims Made Basis. Underwritten by Underwriters at Lloyd s, London

S L tr lo a y t d egy s Cyber -Attack

Fraud and Cyber Insurance Discussion. Will Carlin Ashley Bauer

ANALYSIS & ASSESSMENT OF TECHNOLOGY FROM A BOARD S PERSPECTIVE STEPHANIE L. BUCKLEW SLB CONSULTING

What is a privacy breach / security breach?

Construction. Industry Advisor. Fall Year end tax planning for construction companies. How to self-insure your construction business

Solving Cyber Risk. Security Metrics and Insurance. Jason Christopher March 2017

NATIONAL RECOVERY AGENCY COMPLIANCE INFORMATION GRAMM-LEACH-BLILEY SAFEGUARD RULE

Determining Whether You Are a Business Associate

This Agreement contains the general terms, conditions and service descriptions governing each City National Bank Treasury Management Service (a

Equifax Data Breach: Your Vital Next Steps

A FRAMEWORK FOR MANAGING CYBER RISK APRIL 2015

IDENTITY THEFT COVERAGE ON INSURANCE POLICIES SPONSORED BY

Business Associate Risk

Summary of Form Changes e-md /MEDEFENSE Plus Insurance Policy (from version P1818CE-0115 to P1818CE-0716)

Untangling the Web of Cyber Risk: An Insurance Perspective

Transcription:

Ask the Experts at fi360 2016 Cybersecurity Privacy and Network Security and Risk Mitigation Gary Sutherland, NAPLIA CEO Brian Edelman, Financial Computer Inc. CEO Paul Smith, AIF NAPLIA SVP

SEC s 1st Cybersecurity Enforcement Proceeding SEC files charges against R.T. Jones after a cyberattack on a 3 rd party web server hosting the investment firm s data. Charges filed were NOT focused on firm s response to the cybersecurity breach or whether there was any actual harm (there was none), rather: Violation of Safeguards Rule of the Securities Act of 1933 [Rule 30(a) of Regulation S-P]; i.e. the firm failed to adopt written policies and procedures reasonably designed to protect customer records and information. SEC and R.T. Jones reached a settlement: Cease and Desist further violation. R.T. Jones fined with a penalty of $75,000.

Recent NAPLIA Claims Social Engineering and Fraud Hacker entered Advisor client s system and monitored communication with Advisor became aware of how they communicated style and language used. When Advisor s client was away, hacker requested a $75,000 wire transfer to fake vendor through clients email account followed by another successful request Which Policy responded?

CyberSecurity Is No Longer Optional For Financial Advisors OCIE Requires Governance Written Information Security Policies Incident Response Plan Designation of CISO Cyber Education Cyber Review of 3 rd Party Vendors Cybersecurity Tools Cyber Detection / Monitoring Periodic Cyber Risk Assessments

Cybersecurity Tools Monitoring / Inventory Managed Antivirus / Antispyware Managed Personal Firewall Managed Network Firewall Email Encryption Managed Whole Disk Encryption Hardware Encryption Wireless Encryption Password Manager Two Factor Authentication Disaster Backup and Recovery

Periodic Cyber Risk Assessments

Cyber Liability Insurance Even though you have all the cybersecurity tools in place you can still experience a breach. Make sure a loss does not put you out of business Cyber Liability Insurance Data breaches are now a fact of life. Cyber liability insurance has been available for over 10 years, however most professionals seem unlikely to have heard of it. Companies are now being held accountable for the private records they handle or control. Currently in the US 46 out of 50 states have mandatory requirements for how companies must respond to leaked personally identifiable information.

1 st Party Risk Internal cost of breach close the doors? Loss of Clients Personally Identifiable Data Total Cost per Record can be up to $300 per Containing damage / forensics Loss of income / Reputational cost Extortion / Ransom Responding to clients meeting state laws Credit Monitoring meeting each State law

3 rd Party Risk Liability for injury to others Suits arising out of unauthorized disclosure of PII Damage to others information Inability to access because of your activity Content Liability disparaging / Infringing Plagiarizing content erroneous advice

Insurance what to look for? 1st Party Coverage: Breach Response Support Emergency Response Fund Network Extortion Business Interruption & Expense Electronic Theft Data Restoration Business Reputation PR costs

Insurance what to look for? 3 rd Party Coverage: Privacy Injury claims Network Security Liability of others Regulatory Proceeding Coverage with Defense Website Liability harm done to others Publication of harmful content (from breach)

Insurance what to look for? Cost of coverage? Policies from A Rated carriers are running from $1,200 annually for 1Mil Limits for a small RIA. Costs are driven by number of records and applicants current Cyber Securities policies and procedures. A mid size BD might cost $10,000 plus Additionally, the nature of the business TPAs are more expensive to insure than RIAs / BDs more than RIAs.

Paul J. Smith, AIF SVP of North American Professional Liability Insurance Agency, LLC (NAPLIA) Paul manages the Investment Advisory Division At NAPLIA and is a regular presenter on risk management and insurance for Investment Advisors and other Financial Professionals. NAPLIA Executives speak regularly at national conferences. Paul has served on several national panel discussions regarding best practices, claim mitigation and understanding E&O insurance for Investment professionals.

Brian Edelman Brian Edelman is an Independent Technology Advisor and the CEO of Financial Computer, Inc., a company that provides Cybersecurity, Integrations and IT Support to the Financial Services Community. For more than two decades Brian and his firm have been delivering Technology Solutions to Financial Institutions and Advisors. The primary mission of Financial Computer is to keep information safe. We have partnered with the best of breed cybersecurity companies to design custom comprehensive solutions

Gary Sutherland, CIC, MLIS Gary B. Sutherland has over 30 years of insurance industry experience and founded North American Professional Liability Insurance Agency, LLC (NAPLIA) in 1998. NAPLIA has grown to be one of the leading writers of professional liability insurance, specializing in financial professionals. Mr. Sutherland holds the prestigious designation of Certified Insurance Counselor (CIC), an honor attained by only 2% of all insurance brokers, as well as certification as a Management Liability Insurance Specialist (MLIS). He previously held the position of National Sales Manager for a leading provider of professional liability insurance.

Additional Questions Paul J Smith Pauls@naplia.com

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback